<?php
require_once(dirname(__FILE__) . '/PortalUtil.class.php');

class User extends PortalUtil {
	public $tbl = Constant::tbl_wifi_user;
	
	public $error = array(
		'0' => '正常',
		'1' => '禁用',
		'2' => '已过有效期',
		'3' => '当日流量不足',
		'4' => '当月流量不足',
			
		'5' => '未授权上网',
		'6' => '已禁止此设备上网',
	);
	
	public $sex = array(
		'-' => '请选择',
		'1' => '男',
		'2' => '女',
		
		'9' => '其它',
	);

	function __construct() {
		$request['update'] = '$Date: 2009/02/16 07:36:07 $';
		$request['revision'] = '$Revision: 1.1 $';

		parent::__construct($request);
	}
	
	function pretreat($controller) {
		parent::pretreat($controller);
	
		$controller->assign_by_ref('sex_option', $this->sex);
	
		$this->nav['user'] = true;
	}

	/**
	 *
	 *
	 * @param Controler $controller
	 * @param array $request
	 */
	function layout($controller, $request) {
		$this->pretreat($controller);
		
		if (empty($_SESSION['uid'])) {
			$controller->display($request, 'user/login');
			return true;
		}
		
		$uid = $_SESSION['uid'];
		
		$db = newdb($this->dsn_r);
		$fmt = "SELECT * FROM %s WHERE id = '%s'";
		$sql = sprintf($fmt, $this->tbl, $uid);
		$result = $db->query($sql);
		
		if ($row = $db->fetch_array($result)) {
			
			$request['bytes'] = 0;
			if ($ret = $this->_valid_aa($request, $row)) {
				
				$fmt = "由于帐户[%s]原因，你的帐户现在不可以使用。请联系管理员！";
				$msg = sprintf($fmt, $this->error[$ret]);
			
				$controller->assign('msg', $msg);
			}
			
			$controller->assign_by_ref('result', $row);
		}
		
		$this->_mac_my($controller, $request);
		
		$controller->display($request, 'user/index');
		return true;
	}
	
	function _mac_my($controller, $request) {
		
		$uid = $_SESSION['uid'];
		$mac = $this->_dog_mac($request);
		
		require_once 'Mac.class.php';
		
		$aa = new Mac();
		$ret = $aa->_by_mac($uid, $mac);
		
		$controller->assign_by_ref('mac', $ret);
	}
	
	function mac($controller, $request) {
		$this->pretreat($controller);
		
		$gw_id = $this->_dog_id($request);
		
		$mac = $this->_dog_mac($request);
		
		if (empty($mac)) {
			$controller->display($request, 'user/login');
			return true;
		}
		
		$db = newdb($this->dsn_w);
		$fmt = "SELECT * FROM %s WHERE mac = '%s'";
		$sql = sprintf($fmt, $this->tbl, $mac);
		$result = $db->query($sql);
		if ($row = $db->fetch_array($result)) {
			$request['username'] = $row['id'];
			$request['password'] = $row['password'];
			
		} else {
			$indate = date("Y-m-d", strtotime("5 year"));
			
			$fmt = "INSERT INTO %s(gw_id, mac, username, password, indate, createtime) 
					VALUES('%s', '%s', '%s', '1', '%s', NOW())";
			$sql = sprintf($fmt, $this->tbl, $gw_id, $mac, $mac, $indate);
			$db->query($sql);
			
			$request['username'] = $db->insert_id();
			$request['password'] = '1';
		}
		
		$this->loginPost($controller, $request);
		return true;
	}
	
	function register($controller, $request) {
		$this->pretreat($controller);
	
		// $this->_wifidog($request);
	
		$controller->display($request, 'user/register');
		return true;
	}
	
	function login($controller, $request) {
		$this->pretreat($controller);
		
		$this->_wifidog($request);
				
		$controller->display($request, 'user/login');
		return true;
	}
	
	function loginPost($controller, $request) {
	
		$username = trim($request['username']);
		$password = trim($request['password']);
		
		if (empty($username) || empty($password)) {
			$controller->display($request, 'user/login');
			return true;
		}
	
		$gw_ip = $this->_dog_address($request);
		$gw_port = $this->_dog_port($request);
	
		$gw_id = $this->_dog_id($request);
		$mac = $this->_dog_mac($request);
		$url = $this->_dog_url($request);
		
		$s = sprintf("%s_%s_%s", $username, $password, time());
		$token = md5($s);
		
		if ($row = $this->_auth($username, $password)) {
			
			$row['gw_id'] = $gw_id;
			
			$mc = memcache("root");
			if (is_object($mc)) {
				$mc->set($token, $row, 0, _strtotime("2 day"));
			}
			
			$request['token'] = $token;
			
			$_SESSION['user'] = $row;
			$_SESSION['uid'] = $row['id'];
			$_SESSION['username'] = $username;
			$_SESSION['token'] = $token;
			
			$request['bytes'] = 0;
			if ($ret = $this->_valid_aa($request, $row)) {
				debug("valid_aa......");
				$this->layout($controller, $request);
				return true;
			}
			
			if (empty($gw_ip)) {
				debug("gw_address......");
				$msg = "登录异常，请关闭浏览器重新打开并输入任意网址打开认证页面重新登录。有问题请联系管理员！";
					
				$controller->assign('msg', $msg);
				
				$this->layout($controller, $request);
				return true;
			}
			
			$fmt = "http://%s:%s/wifidog/auth?token=%s";
			$url = sprintf($fmt, $gw_ip, $gw_port, $token);
			debug($url);
			
			header("Location: " . $url);
			return true;
		}
		
		$controller->display($request, 'user/login');
		return true;	
	}
	
	function exist(&$controller, &$request) {
		$username = trim($request['username']);
		$password = trim($request['password']);
	
		$ret = array('status'=>1);
		
		if (empty($username) || empty($password)) {
			$ret['status'] = 9;
			echo json_encode($ret);
			return false;
		}
		
		if ($row = $this->_username($username)) {
			if ($row['status'] == 2 || $row['status'] == 3) {
				$ret['status'] = 3;
			} else if (!$this->_password($row['password'], $password)) {
				$ret['status'] = 4;
			}
		} else {
			$ret['status'] = 2;
		}
	
		echo json_encode($ret);
	}
	
	function _auth($username, $password) {
		
		if ($row = $this->_username($username)) {
			
			if ($row['status'] == '3') {
				return false;
			}
			
			if ($this->_password($row['password'], $password)) {
				return $row;
			}
		} 
		
		return false;
	}
	
	function _username($s) {
	
		return $this->_user($s);
	}
	
	function _user($username) {
	
		$db = newdb($this->dsn_r);
		
		if (preg_match("/^1(3|4|5|7|8)\d{9}$/i", $username)) {
			$fmt = "SELECT * FROM %s WHERE mobile = '%s'";
			$sql = sprintf($fmt, $this->tbl, $username);
		} else if (preg_match("/^(\d+)$/i", $username)) {
			$fmt = "SELECT * FROM %s WHERE id = '%s'";
			$sql = sprintf($fmt, $this->tbl, $username);
		} else {
			$fmt = "SELECT * FROM %s WHERE username = '%s'";
			$sql = sprintf($fmt, $this->tbl, $username);
		}
		debug($sql);
		$result = $db->query($sql);
		if ($row = $db->fetch_array($result)) {
			return $row;
		}
	
		return false;
	}
	
	function _password($password, $input) {
		$s = trim($input);
		if (strlen($s) == 0) {
			return false;
		}
	
		if ($password == $input) {
			return true;
		}
	
		if ($password == md5($input)) {
			return true;
		}
	
		return false;
	}
	
	function _remain($request, $user) {
		
		$uid = $user['id'];
		$bytes = $request['bytes'];
	
		$mb = 1024 * 1024;
	
		$db = newdb($this->dsn_w);
		$fmt = "SELECT * FROM %s WHERE id = '%s'";
		$sql = sprintf($fmt, $this->tbl, $uid);
		debug($sql);
		$result = $db->query($sql);
		if ($row = $db->fetch_array($result)) {
				
			$r1 = $row['r1']*$mb - $bytes;
			$r1 = $r1 / $mb;
			
			$r2 = $row['r2']*$mb - $bytes;
			$r2 = $r2 / $mb;
				
			$fmt = "UPDATE %s SET r1 = '%s', r2 = '%s' WHERE id = '%s'";
			$sql = sprintf($fmt, $this->tbl, $r1, $r2, $row['id']);
			debug($sql);
			$db->query($sql);
		}
	}
	
	function _valid($request, $user) {
		
		$token = $request['token'];
		$bytes = $request['bytes'];
		
		$uid = $user['id'];
		
		$db = newdb($this->dsn_r);
		$fmt = "SELECT * FROM %s WHERE id = '%s'";
		$sql = sprintf($fmt, $this->tbl, $uid);
		debug($sql);
		$result = $db->query($sql);
		if ($row = $db->fetch_array($result)) {
			if ($this->_valid_aa($request, $row) > 0) {
				return false;
			}
			
			if (!$this->_valid_c1($request, $row)) {
				return false;
			}
	
			return true;
		}
		
		return false;
	}
	
	function _black($request, $user) {
		
		$uid = $user['id'];
		$mac = $this->_dog_mac($request);
		
		require_once(dirname(__FILE__) . '/Black.class.php');
		$aa = new Black();
		
		return $aa->_is_black($uid, $mac);
	}
	
	function _valid_aa($request, $user) {
		
		if ($user['status'] == '2' || $user['status'] == '3') {
			return 1;
		}
			
		$a = strtotime("-1 day");
		$b = strtotime($user['indate']);
		if ($a > $b) {
			return 2;
		}
		
		$bytes = $request['bytes'];
		
		$mb = 1024 * 1024;
		
		if ($user['r2']*$mb < $bytes) {
			return 3;
		}
		
		if ($user['r1']*$mb < $bytes) {
			return 4;
		}
		
		if (!$this->_valid_node_emp($request, $user)) {
			return 5;
		}
		
		if ($this->_black($request, $user)) {
			return 6;
		}
		
		return 0;
	}
	
	function _valid_node_emp($request, $user) {
		return true;
	}
	
	function _valid_node_emp2($request, $user) {
		
		$gw_id = $this->_dog_id($request);
		
		if ($user['office'] == '1') {
			return true;
		}
		
		if (preg_match("/^(sj12|qx12)/i", $gw_id)) {
			require_once(dirname(__FILE__) . '/NodeEmp.class.php');
			$aa = new NodeEmp();
		
			return $aa->_valid($request, $user);
		}
		
		return true;
	}
	
	function _valid_c1($request, $user) {
		require_once(dirname(__FILE__) . '/Log.class.php');
		$aa = new Log();
		
		return $aa->_valid($request, $user);
	}
	
	function edit($controller, $request) {
		$this->pretreat($controller);
	
		if (empty($_SESSION['uid'])) {
			$controller->display($request, 'user/login');
			return true;
		}
		
		$uid = $_SESSION['uid'];
		
		$db = newdb($this->dsn_w);
		$fmt = "SELECT * FROM %s WHERE id = '%s'";
		$sql = sprintf($fmt, $this->tbl, $uid);
		debug($sql);
		$result = $db->query($sql);
		if ($row = $db->fetch_array($result)) {
			$controller->assign_by_ref('result', $row);
		}
	
		$controller->display($request, 'user/edit');
		return true;
	}
	
	function editPost($controller, $request) {
		$this->pretreat($controller);
	
		if (empty($_SESSION['uid'])) {
			$controller->display($request, 'user/login');
			return true;
		}
		
		$uid = $_SESSION['uid'];
	
		$username = trim($request['username']);
		$name = trim($request['name']);
	
		$birthday = trim($request['birthday']);
		$sex = $request['sex'];
	
		$mobile = trim($request['mobile']);
		$qq = trim($request['qq']);
		$email = trim($request['email']);
	
		$address = addslashes($request['address']);
		$content = addslashes($request['content']);
	
		$db = newdb($this->dsn_w);
		$fmt = "UPDATE %s SET username = '%s', name = '%s', sex = '%s', birthday = '%s', mobile = '%s', qq = '%s', email = '%s', address = '%s', 
				content = '%s', modifytime = NOW() WHERE id = '%s'";
		$sql = sprintf($fmt, $this->tbl, $username, $name, $sex, $birthday, $mobile, $qq, $email, $address, $content, $uid);
		debug($sql);
		$db->query($sql);
		if ($db->affected_rows() > 0) {
			$_SESSION['username'] = $username;
		}
	
		$ret = array('status'=>1);
		echo json_encode($ret);
		
		return true;
	}
	
	function password($controller, $request) {
		$this->pretreat($controller);
	
		if (empty($_SESSION['uid'])) {
			$controller->display($request, 'user/login');
			return true;
		}
	
		$controller->display($request, 'user/password');
		return true;
	}
	
	function passwordPost($controller, $request) {
		$this->pretreat($controller);
	
		if (empty($_SESSION['uid'])) {
			$controller->display($request, 'user/login');
			return true;
		}
	
		$uid = $_SESSION['uid'];
	
		$ret = array('status'=>1);
	
		$password1 = trim($request['password1']);
		$password2 = trim($request['password2']);
		$password3 = trim($request['password3']);
	
		/*
		if ($row = $this->_username($username)) {
				
			if (!$this->_password($row['password'], $password1)) {
				$ret['status'] = 2;
				echo json_encode($ret);
				return false;
			}
		}*/
	
		if (empty($password2) || $password2 <> $password3) {
			$ret['status'] = 3;
			echo json_encode($ret);
				
			return false;
		}
	
		$db = newdb($this->dsn_w);
		$fmt = "UPDATE %s SET password = '%s' WHERE id = '%s'";
		$sql = sprintf($fmt, $this->tbl, $password2, $uid);
		debug($sql);
		$db->query($sql);
	
		echo json_encode($ret);
		return true;
	}
	
	function _transfer($uid, $incoming, $outgoing) {
		
		$amount = $incoming - $outgoing;
	
		$db = newdb($this->dsn_w);
		$fmt = "SELECT * FROM %s WHERE id = '%s'";
		$sql = sprintf($fmt, $this->tbl, $uid);
		$result = $db->query($sql);
		if ($row = $db->fetch_array($result)) {
			$fmt = "UPDATE %s SET r1 = '%s', r2 = '%s' WHERE id = '%s'";
			$sql = sprintf($fmt, $this->tbl, $row['r1']+$amount, $row['r2']+$amount, $uid);
			debug($sql);
			$db->query($sql);
			
			return $row['r2'] + $amount;
		} 
		
		return 0;
	}
	
	function t($controller, $request) {
		$this->pretreat($controller);	
	
		logdate($controller, $request);
		return true;
	}
}
?>
